Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS40264.roa
File: AS40264.roa (raw, json)
Hash identifier: F3U756X9xgHjM68m8AWp2QsbsRw0PDr/Z/YQbx1PyGU=
Subject key identifier: 22:1B:63:7A:5C:F8:F0:AD:54:68:D6:D0:2F:18:A5:D4:3F:8A:60:96
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 49A63AF7CA53B4B5C711C9E1FFC45E644225B0F4
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS40264.roa
Signing time: Fri 10 Jan 2025 18:01:26 +0000
ROA not before: Fri 10 Jan 2025 17:56:26 +0000
ROA not after: Fri 09 Jan 2026 18:01:26 +0000
asID: 40264
IP address blocks: 82.27.4.0/22 maxlen: 22
82.27.12.0/22 maxlen: 22
82.29.16.0/22 maxlen: 22
82.29.32.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:a6:3a:f7:ca:53:b4:b5:c7:11:c9:e1:ff:c4:5e:64:42:25:b0:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jan 10 17:56:26 2025 GMT
Not After : Jan 9 18:01:26 2026 GMT
Subject: CN=221B637A5CF8F0AD5468D6D02F18A5D43F8A6096
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:5a:a2:5e:fc:55:0d:db:d4:c8:b0:e4:60:6d:
61:64:b4:bb:54:cd:8c:1a:6b:b4:f4:81:2f:b2:77:
be:72:d3:c1:59:da:25:d3:e8:e9:96:7a:99:c6:ae:
44:26:23:44:11:71:8f:52:b5:37:c3:c1:51:e3:9e:
fa:1b:fd:36:2e:63:fd:c9:58:12:40:7a:f9:24:e3:
c6:3d:ce:81:24:d2:c4:94:b2:c8:11:6d:8a:d7:37:
fb:9e:58:ef:da:8d:1c:d4:9b:fe:02:84:68:16:85:
91:0d:d7:7e:ee:2b:8d:6d:b1:5f:d3:e8:7c:29:54:
74:06:31:51:96:9b:32:20:3e:c9:2a:db:62:07:2a:
3c:71:fc:2c:06:6d:31:7e:40:a2:a7:0d:aa:fa:a4:
3a:6b:63:5c:46:99:d6:44:7a:e4:bb:9d:84:33:6f:
b8:be:51:9f:5a:95:b1:5a:d9:6e:6d:b4:63:1c:93:
f3:8f:2c:af:3a:cd:09:e2:8c:d9:36:24:b7:c5:48:
91:6b:e0:a1:d5:e9:6f:56:35:8d:42:ee:f1:ea:51:
38:c0:ed:81:48:59:6c:d6:11:8b:d4:12:77:d3:33:
e7:9c:ae:15:0d:8f:85:76:e6:fa:86:d0:a8:bb:06:
75:72:cd:53:3e:8f:16:92:24:f2:0d:36:fb:dd:32:
76:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:1B:63:7A:5C:F8:F0:AD:54:68:D6:D0:2F:18:A5:D4:3F:8A:60:96
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS40264.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.27.4.0/22
82.27.12.0/22
82.29.16.0/22
82.29.32.0/22
Signature Algorithm: sha256WithRSAEncryption
28:cd:fd:24:cb:56:eb:9f:d8:10:c2:97:2d:19:61:f1:86:34:
84:93:65:25:ba:5d:4c:55:4a:c3:7e:ce:e8:0e:68:8e:8b:8a:
87:0b:11:73:e2:9b:a4:61:25:4e:f3:91:6a:b3:39:21:c0:04:
4d:a8:5c:cd:de:7a:f7:8c:11:94:33:f2:26:3e:17:4b:91:2d:
62:c6:e5:58:03:e4:e6:f4:5e:7c:57:56:f8:1d:b4:18:c6:3b:
b0:49:15:9f:4c:92:11:0c:76:c1:5e:a5:9b:d1:dc:0a:d4:d9:
88:67:ad:ad:71:3f:24:4b:05:cb:7b:99:d4:06:37:60:33:7c:
47:c5:a9:f2:a5:02:da:99:d8:05:e2:d0:54:a7:4c:d1:01:db:
48:d1:f5:65:c2:54:41:0b:a2:d5:ce:80:33:b3:c4:52:ee:1f:
c2:84:fb:63:e8:7a:15:cf:19:64:1b:1b:8e:e9:6e:bc:bd:7b:
01:db:c0:46:a9:85:16:cf:fc:3c:32:ae:b3:a7:54:67:22:f6:
64:ce:4c:70:8a:97:2a:02:fd:d6:d8:bd:cd:cc:e1:03:0c:e1:
8e:56:23:af:dc:01:71:99:3f:bf:4c:e8:e3:8b:be:65:73:c7:
50:af:87:36:75:c3:32:49:66:49:e2:df:6d:77:f0:63:0f:fb:
6e:21:ff:71
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIUSaY698pTtLXHEcnh/8ReZEIlsPQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAxMTAxNzU2MjZaFw0yNjAxMDkxODAxMjZaMDMxMTAvBgNV
BAMTKDIyMUI2MzdBNUNGOEYwQUQ1NDY4RDZEMDJGMThBNUQ0M0Y4QTYwOTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWWqJe/FUN29TIsORgbWFktLtU
zYwaa7T0gS+yd75y08FZ2iXT6OmWepnGrkQmI0QRcY9StTfDwVHjnvob/TYuY/3J
WBJAevkk48Y9zoEk0sSUssgRbYrXN/ueWO/ajRzUm/4ChGgWhZEN137uK41tsV/T
6HwpVHQGMVGWmzIgPskq22IHKjxx/CwGbTF+QKKnDar6pDprY1xGmdZEeuS7nYQz
b7i+UZ9albFa2W5ttGMck/OPLK86zQnijNk2JLfFSJFr4KHV6W9WNY1C7vHqUTjA
7YFIWWzWEYvUEnfTM+ecrhUNj4V25vqG0Ki7BnVyzVM+jxaSJPINNvvdMna3AgMB
AAGjggIbMIICFzAdBgNVHQ4EFgQUIhtjelz48K1UaNbQLxil1D+KYJYwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNDAyNjQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBAJSGwQD
BAJSGwwDBAJSHRADBAJSHSAwDQYJKoZIhvcNAQELBQADggEBACjN/STLVuuf2BDC
ly0ZYfGGNISTZSW6XUxVSsN+zugOaI6LiocLEXPim6RhJU7zkWqzOSHABE2oXM3e
eveMEZQz8iY+F0uRLWLG5VgD5Ob0XnxXVvgdtBjGO7BJFZ9MkhEMdsFepZvR3ArU
2Yhnra1xPyRLBct7mdQGN2AzfEfFqfKlAtqZ2AXi0FSnTNEB20jR9WXCVEELotXO
gDOzxFLuH8KE+2PoehXPGWQbG47pbry9ewHbwEaphRbP/DwyrrOnVGci9mTOTHCK
lyoC/dbYvc3M4QMM4Y5WI6/cAXGZP79M6OOLvmVzx1CvhzZ1wzJJZkni32138GMP
+24h/3E=
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:57:44 2025 by rpki-client